Policy

Compliance - Policy

Printer-friendly version
Body

1. Purpose and Objectives

The University operates in a highly regulated environment and its regulatory Compliance obligations are diverse and extensive. The wide breadth of its operations encompasses academic, research and commercial pursuits (locally and overseas), and the University has a large student cohort comprising domestic and international Students. The purpose of this Policy is to enable the University to meet and manage these Compliance obligations and risks.

The Compliance Program comprises–

  • Regulatory compliance: the relevant legislation, regulations, standards and recognised industry and professional codes to which the University is subject; and
  • Ethical compliance: the Compliance Culture in which the University discharges its Compliance obligations.

2. Definitions, Terms, Acronyms

Accountable Officer – designated University officers who support their individual Custodians and implement Compliance within their area of accountability.

Code of Conduct – Code of Conduct (University Policy 1.50.1).

Compliance – adhering to the requirements of laws, industry and organisational standards and codes, principles of good governance and accepted community and ethical standards.

Compliance Culture – the values, ethics and beliefs that exist throughout the University and interact with the organisation’s structures and control systems to produce behavioural norms that are conducive to Compliance outcomes.

Compliance Failure – an act or omission by the University which results in the University not meeting its Compliance obligations, processes or behavioural obligations.

Compliance Program – the series of activities that enable the University to achieve Compliance.

Custodians – designated University officers who have overall responsibility for specific Compliance obligations binding on the University.

Legislation Register – a register of the University’s identified Australian legislative Compliance obligations.

Management – the Vice-Chancellor, Provost, Deputy Vice-Chancellors, Chief Operating Officer, Academic Board President, Pro-Vice-Chancellors, Executive Deans, Institute Directors, Deans, Associate Deans, Deputy Deans, Heads of School, Central Services and Divisions Directors and any Staff member who has line management obligations.

Senate – the University of Queensland Senate.

Staff – as defined in the Code of Conduct

Standard – Australian Standard AS 3806-2006 Compliance Programs.

Student – a person enrolled as a student at the University or undertaking courses or programs at the University.

University – The University of Queensland.

3. Policy Scope/Coverage

This Policy applies to all Staff, Students and any person participating in authorised University business or activities, including service providers and contractors. 

4. Policy Statement

This Policy adopts the guidelines for Compliance Programs detailed in the Standard and set out below.

The Standard groups twelve key Compliance principles under four categories:

  • Commitment;
  • Implementation;
  • Monitoring, Measuring and Reporting; and
  • Continual Improvement.

Each of these four areas is expanded on in this Policy.

Commitment

  1. Commitment by the Senate and Management to effective Compliance that permeates the whole organisation.
  2. Alignment of the Compliance policy to the organisation’s strategy and business objectives, and endorsement by the Senate.
  3. Allocations of appropriate resources to develop, implement, maintain and improve the Compliance Program.
  4. Endorsement by the Senate and Management. 
  5. Identification and assessment of Compliance obligations.

Implementation

  1. Clear articulation and assignment of responsibility for compliant outcomes.
  2. Identification of and addressing competence and training needs to enable Staff to fulfil their Compliance obligations.
  3. Encouragement of behaviours that create and support Compliance whilst not tolerating behaviours that compromise Compliance.
  4. Ensuring controls are in place to manage the identified Compliance obligations and achieve desired behaviours.

Monitoring, Measuring and Reporting

  1. Monitoring, measuring and reporting on performance of the Compliance Program.
  2. Demonstration of the Compliance Program through both documentation and practice.

Continual Improvement

  1. Regular review and continual improvement of the Compliance Program.

5. Implementation of Compliance Program

5.1 Functional Compliance

Compliance is an ongoing ‘business as usual’ process which, whilst mandatory, must be balanced with the practicalities of running a large organisation. It is not the intention of the Compliance Program to create overheads which yield no added value. Accordingly, it is a functionally driven Compliance Program which assigns identified Compliance obligations to nominated Staff.

The Compliance Program provides guidance to assist Staff to identify Compliance obligations and operate within the regulatory requirements which govern the University’s day-to-day operations. Naturally, some regulatory requirements such as TEQSA and Work Health and Safety legislation will require more resources, but these will already be reflected in the current Staff complements.

There are three groups of Staff responsible for oversight of Compliance obligations: Custodians, Accountable Officers, and Local Compliance Officers.

While these Staff members are assigned specific responsibilities, no Staff member is absolved from responsibility for Compliance. All members of the University are required, in terms of the Code of Conduct, to be familiar with and adhere to all University Policies and Procedures.

5.2 Custodians

Custodians have overall responsibility for specific Compliance obligations binding on the University.

The Custodians are the Provost, Chief Operating Officer, Deputy Vice-Chancellor (Academic), Deputy Vice-Chancellor (Research), and Deputy Vice-Chancellor (International) or other University officer designated by the Vice-Chancellor and approved by Senate from time to time. In some instances, responsibility for a specific Compliance obligation will be shared by more than one Custodian.

Custodians are responsible for:

  • designing, developing, implementing, maintaining and continuously improving the Compliance Program within their areas of control;
  • introducing and maintaining Policies and Procedures to embed within the University the Compliance obligations within their areas of control;
  • ensuring that the Vice-Chancellor and Management are kept aware of Compliance concerns, issues and Compliance Failures;
  • ensuring that any Compliance Failure or conduct prejudicial to the Compliance Culture is dealt with appropriately;
  • maintaining the Legislation Register for their areas of control, or assigning this task to their Accountable Officers;
  • implementing training programs (usually via their Accountable Officers) to raise awareness of, and foster Compliance with, those obligations;
  • fostering and encouraging a Compliance Culture within the University;
  • ensuring that a commitment to Compliance is upheld at all times;
  • remaining aware of the Compliance obligations within their areas of control; and
  • ensuring that effective and timely systems of reporting are in place.

5.3 Accountable Officers

Accountable Officers support their individual Custodians. These individuals are generally the content experts in relation to the Compliance obligations for which they have been assigned responsibility. Typically, they are directors of organisational units responsible for incorporating Compliance obligations and practices into standard management practices.  In some instances there will be multiple Accountable Officers sharing responsibility for a single Compliance obligation.

Accountable Officers are responsible for:

  • implementing and maintaining Compliance processes within their area of responsibility;
  • working with other Accountable Officers to minimise unnecessary duplication or to agree coordination responsibilities where obligations span multiple areas;
  • reporting Compliance Failures Compliance complaints, concerns and issues to Custodians; and
  • maintaining the Legislation Register as assigned to them by their Custodian.

5.4 Local Compliance Officers

Local Compliance Officers provide day-to-day support to Accountable Officers in carrying out their Compliance responsibilities and are responsible for:

  • implementing certain elements of individual Compliance obligations and processes; and
  • reporting Compliance Failures and Compliance complaints, concerns and issues, to their immediate supervisor and Accountable Officer.

5.5 Management

Custodians, assisted by Accountable Officers, ensure that legislation which is far-reaching is reflected in the PPL. Legislation which is not incorporated into a University Policy is of equal importance. Management has the day-to-day responsibility for implementing Compliance as part of their standard management practice, whether or not the Compliance requirement is contained in a University Policy.

Management is responsible for:

  • fostering and encouraging a Compliance Culture within their areas of responsibility;
  • supporting Staff within their areas of responsibility to ensure Compliance;
  • ensuring that a commitment to Compliance is upheld at all times;
  • remaining aware of the Compliance obligations within their areas of responsibility;
  • identifying, documenting and communicating Compliance obligations and risks within their areas of responsibility and developing relevant processes to meet those obligations;
  • reporting of all Compliance Failures  and Compliance complaints, concerns and issues within their areas of responsibility; and
  • actively participating in the management and resolution of Compliance Failures, Compliance complaints concerns and issues.

5.6 Examples

The operation of these principles is illustrated in the following two examples.

5.6.1 Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act)

The current designated Custodian for the TEQSA Act is the Deputy Vice-Chancellor (Academic) (DVC(A)). As Custodian, the DVC(A) will have overall responsibility for the development and implementation of programs to address the Compliance obligations arising under the TEQSA Act. This responsibility includes ensuring that those Compliance obligations are incorporated in relevant University policies. Given the breadth of obligations contained in the TEQSA Act it is possible that more than one Custodian will be designated for this legislation.

In addition it is probable that more than one University officer will be appointed as Accountable Officer. These Accountable Officers will be responsible for the actual development and implementation of those programs in their areas of operation.

Those Accountable Officers will be assisted by Local Compliance Officers who will be assigned specific Compliance responsibilities eg assisting with compiling financial information for annual financial statements in accordance with section 27 of the TEQSA Act.

Management has day to day responsibility to promote, monitor and uphold the Compliance obligations via implementation of the programs and relevant policies within their areas of operation and control.

5.6.2 Work Health and Safety Act 2011 (WHSA)

The current designated Custodian for the WHSA is the Chief Operating Officer (COO). As Custodian, the COO will have overall responsibility for the development and implementation of programs to address the Compliance obligations arising under the WHSA Act. This includes ensuring that those Compliance obligations are incorporated in relevant University policies.

The Director OH&S is the designated Accountable Officer. The Director OH&S is responsible for the actual development, dissemination and implementation of relevant programs addressing the WHSA Act obligations across the University.

The Director OH&S will be assisted by Local Compliance Officers who will act as OH&S officers within faculties, institutes and other areas of the University.

Management has day to day responsibility to promote, monitor and uphold the Compliance obligations arising under the WHSA Act via implementation of relevant programs and policies within their areas of operation and control.

5.7 Legislation Register

The University maintains an electronic register of all identified Compliance obligations of the University. The Register also identifies designated Custodians and Accountable Officers for key Compliance obligations and related University policies and procedures to provide a reference guide to the University’s Compliance obligations. This Register is a living document and will be reviewed and updated as necessary by Custodians or Accountable Officers if assigned by their Custodian.

5.8 Legislative Alert System

The University has acquired an enterprise wide licence for a legislative alert service to assist in the overall Compliance operations of the University and to ensure timely advice of changes to laws, regulations, codes and other Compliance obligations. This service provides email notifications with hyperlinks to source documents within 24 hours of publicly announced changes to Australian legislation.

All Staff members can apply for access to this service

5.9 Non-Compliance

All Staff, Students and any person participating in authorised University business or activities, including service providers and contractors, have a responsibility for ensuring the Compliance obligations of the University are met, specifically to:

  • ensure that their activities on behalf of the University comply with applicable law and related University policies and are performed in an ethical, lawful and safe manner; and
  • report and escalate Compliance related concerns, issues, complaints and Compliance Failures.

In addition, Staff members are expected to be aware of common areas of legislation that affect their day-to-day work.

A breach of the University's Compliance obligations by Staff or Students may result in legal action against the University or against the individual concerned.

A breach by a Staff member may also result in disciplinary action in accordance with the provisions set out in the Code of Conduct, relevant enterprise agreement or employment contract.

Students who breach legal requirements may be subject to disciplinary action in accordance with the provisions of the Student Integrity and Misconduct Policy.

6. Monitoring, Measuring and Reporting of Compliance

6.1 Routine Reporting

Current systems, procedures and controls must support the monitoring and reporting of Compliance obligations against the requirements of the Legislation Register.

6.2 Reporting of Compliance Failure

The University encourages the proactive reporting of Compliance Failures, breaches, issues, incidents and complaints.

All Staff must notify their immediate supervisors or relevant Accountable Officers once they become aware that a Compliance Failure has occurred or is likely to occur, or that a Compliance-related complaint has been made. Supervisors must address the Compliance Failure or Compliance-related complaint upon becoming aware of that event in order to re-establish Compliance and provide protection to the University.

6.3 Annual Certification Process

Using current reporting structures, an annual review of Compliance management processes will be undertaken. This will enable Senate and the Vice-Chancellor to discharge their overall responsibility for University Compliance.

Custodians will certify to the Vice-Chancellor that all Compliance obligations for which they have oversight responsibility have been compliant for the preceding twelve months, or if not, the area and reasons for non-Compliance.

Custodians will also verify that information relating to the University’s obligations in the Legislation Register is still correct and up-to-date.

7. Continual Improvement of Compliance

This Policy, the Procedures and the Legislation Register will be reviewed on an ongoing basis to identify deficiencies and ensure continuous improvement.

Custodians
Chief Operating Officer
Mr Greg Pringle
Custodians
Chief Operating Officer
Mr Greg Pringle